Q: Does the system comply with regulations such as GDPR or other applicable standards in Spain and the EU?

• Related Articles

• Q: What measures are in place in case of system failure, data loss, or cyberattack?

  A: The system is hosted in Microsoft Azure, which provides built-in redundancy, availability zones, and distributed denial-of-service (DDoS) protection. We implement defense-in-depth measures including network firewalls, identity and access ...

• Q: Is there any technical documentation available regarding compliance?

  A: Yes. Microsoft provides compliance documentation and audit reports through the Azure Trust Center and Service Trust Portal. System-specific compliance documentation (GDPR measures, security configuration, and policies) can be shared under NDA.

• Q: We understand the system is hosted on Microsoft Azure and Amazon S3, with encrypted SSL communication and daily redundant backups. Could you confirm if this setup is still current and whether any changes are planned?

  A: The system is now primarily hosted on Microsoft Azure. Azure Storage is used as the main backup and file repository. SSL/TLS (minimum TLS 1.2) is enforced for all communications. Daily redundant backups remain in place, and no major infrastructure ...

• Q: What level of security is applied for accessing the system from outside the internal network?

  A: Remote access is protected by Azure Active Directory (AAD) using modern authentication protocols (OAuth 2.0 / OpenID Connect). Access requires secure login with username and password, and is further protected by multi-factor authentication (MFA) ...

• Q: How frequently are backups performed?

  A: Automated backups run daily for databases and virtual machines, with transaction log backups at shorter intervals where applicable. Configuration and infrastructure-as-code repositories are continuously version-controlled.